During my programming work I had to do some system administration tasks, and since a while I'm also maintaining some servers. This is a log for the problems I find - and hopefully their solutions.

Monday, April 11, 2005

Spambot = DOS

This is getting serious. Yesterday night a spammer put 245 comments in less than 2 minutes to some MovableType blogs I host. The result: the server got overloaded in no time and the kernel started a great massacre in there. After the smoke cleared up crond, named and munin-node were killed - for the whole night, I just restarted them. It's really pissing me off, an automated process can bring down a server in 2 minutes, I'll have to do something about this. Ideas:
  • upgrade to MT3, check how it's done there
  • disable comments for old posts (is it possible in MT2.6?)
  • hack comments.cgi not to allow more than 1 comment / 1 minute / 1 IP
  • replace MTBlackList with a better protection tool
That's all I can think of. Together with the previous trouble with MT2.6 I think it might be time to upgrade.

posted by peter at 9:39 AM

0 Comments:

Post a Comment

<< Home